Q

Restricting user access to home directories

Security expert James Turnbull describes how to restrict user access to home directories through the use of the "chroot" command.

I am using Fedora Core 1.0 on my Web server and have installed VSFTPD on it. If I create an account and give it a home directory, (i.e./var/www/test) and try to access FTP with this account, it goes into the directory /var/www/test. However, if after logging into FTP I press the "back" button, it takes me to /var/www folder where the user can see all of the data. How do I restrict the user to access their home directories only?
In order to lock a user into their home directory, you need to look at vsftpd's chroot functionality. You need to edit the /etc/vsftpd/vsftpd.conf configuration file and change chroot_list_enable option to "yes." Then, specify a file called /etc/vsftpd.chroot and add all the users you wish to chroot to this file.

Or, if you wish all users to be chroot'ed, then you can set the chroot_local_user option to "yes." Chrooting an...

FTP server can be complicated and have some serious security implications. I recommend you read the vsftpd.conf man page carefully.

This was last published in February 2006

Dig Deeper on Linux security risks and threats

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchDataCenter

SearchServerVirtualization

SearchCloudComputing

SearchEnterpriseDesktop

Close